Privacy and GDPR

On May 25, 2018 the European Union is enacting the General Data Protection Regulation (GDPR). All website owners are obliged to follow this regulation to protect the privacy of their visitors. The following document explains what YOOtheme Pro, Joomla and 3rd party services mean for your visitors' privacy, what data is collected and what necessary steps you should take to make your websites GDPR compliant.

Warp themes do not store any personal information. There are no tracking-cookies created or saved by the theme.

In any Warp theme you can make use of 3rd party services, for instance, Google Fonts, Google Analytics, etc. These services as well as Joomla are all working on making their products and services GDPR compliant. This document only focuses on their officially recommended solutions. Here is a short overview:

Warp themes are available for Joomla which will offer a number of privacy features with their next releases. There will be a new privacy extension with an API for 3rd party developers, a tool to handle the consent of registered users, and data handling tools to export and erase data from your Joomla website.

The use of Google Fonts is unauthenticated, and no cookies are set. The requests go to Google Fonts resource-specific domains, which are separate from google.com and do not contain any credentials from Google services. The requests for CSS assets are cached one day, and font files themselves are saved for one year. As a result, only few requests are sent to Google Fonts. More detailed information can be found in the Google Fonts Privacy FAQ.

So there is just 1 CSS request per font family, per day, per browser, containing just the IP address. Thus, Google has created sufficient conditions to protect your visitors' privacy.

If you still don't want to use Google Fonts, you can easily disable them by selecting System Fonts in the Style Customizer. You can also add your own custom fonts, for more information read the Less customization documentation.

Google Analytics provides settings for customizing cookies, sharing data, IP anonymization and other privacy controls. On May 25, Google will also introduce a data retention control to define how long the data is stored and a user deletion tool to remove visitors' data. It is the website owner's responsibility to make their Analytics settings GDPR compliant.

The Google Analytics script can be added in the Additional Scripts field in the Warp settings. Make sure to enable IP Anonymization.

Warp themes offer options to add social buttons to share your articles on Facebook, Twitter and Google+. If each option is enabled, the Facebook, Twitter and Google+ JavaScripts are loaded into the page.

This is a legacy feature, which will not be developed any further. We recommend using a 3rd party extension which offers more privacy settings instead.